Certificate chain
The certificate chain is always displayed in order from the end-entity certificate to the root certificate.
Each certificate may contain the following fields:
| Name | Value | Description |
|---|---|---|
not_after_ts | Optional UNIX timestamp | Date, after which the certificate should not be used |
not_before_ts | Optional UNIX timestamp | Date, before which the certificate should not be used |
common_name | Optional string | Certificate common name |
country_name | Optional two-letter country code | Certificate country code |
organization_name | Optional string | Certificate organization name |
performed_revocation_checks | Optional list of revocation checks | List of performed certificate revocation checks |
Revocation checks
Revocation checks are distinguished by the type field.
crl
| Name | Value | Description |
|---|---|---|
url | String value | URL used to fetch the certificate revocation list |
Example
[
{
"not_after_ts": 1785000040,
"not_before_ts": 1753464040,
"common_name": "Test Cert",
"country_name": "XX",
"organization_name": "Example",
"performed_revocation_checks": [
{
"type": "crl",
"url": "https://example.com/ca.crl"
}
]
},
{
"not_after_ts": 1785000040,
"not_before_ts": 1753464040,
"common_name": "Intermediate CA",
"country_name": "XX",
"organization_name": "Example",
},
{
"not_after_ts": 1785000040,
"not_before_ts": 1753464040,
"common_name": "Root CA",
"country_name": "XX",
"organization_name": "Example",
}
]